PT-2006-1411 · Bitcomet · Bitcomet Client

Fortinet Security Research

·

Published

2006-01-20

·

Updated

2018-10-19

·

CVE-2006-0339

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions BitComet Client version 0.60
Description BitComet Client 0.60 does not check the length of the publisher URI (the publisher's name link) stored in a torrent file. A torrent file carrying an overlong publisher URI therefore causes a buffer overflow when the user clicks the publisher's name link in the client. A remote attacker who gets a victim to open such a specially crafted torrent file and click the link can execute arbitrary code with the privileges of the BitComet user, which partially compromises confidentiality, integrity and availability (CVSS v2 C:P/I:P/A:P), not only availability.
Recommendations Upgrade BitComet Client 0.60 to a release that fixes CVE-2006-0339. Until then, do not click publisher's name links in the client, and do not open torrent files from untrusted sources. Because a .torrent file is bencoded, a torrent whose publisher URI is unusually long can be identified by decoding the file and inspecting the publisher fields before it is loaded into the client.
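The following Python script is an added example, not code from this advisory or from BitComet, that puts the triage step above into practice: it decodes a bencoded .torrent file and reports any publisher field longer than a threshold. It assumes that BitComet stores the publisher's name and link under the torrent keys "publisher" and "publisher-url" (plus their ".utf-8" variants); the 256-byte limit is an arbitrary triage threshold chosen for this example, not BitComet's real buffer size. The sample torrents are constructed inline so the script runs offline.

```python
"""Flag .torrent files with overlong BitComet publisher fields (CVE-2006-0339 triage).

Added example, not code from the advisory or from BitComet. Assumptions:
the keys "publisher" / "publisher-url" (and ".utf-8" variants) are BitComet's
publisher extension keys, and DEFAULT_LIMIT is an arbitrary triage threshold,
not the size of the buffer that overflows in BitComet 0.60.
"""

PUBLISHER_KEYS = (b"publisher", b"publisher-url",
                  b"publisher.utf-8", b"publisher-url.utf-8")
DEFAULT_LIMIT = 256  # assumption: triage threshold, not the real buffer size


def bdecode(data: bytes):
    """Decode a bencoded byte string into bytes / int / list / dict, rejecting malformed input."""
    def parse(i):
        c = data[i:i + 1]
        if c == b"i":                       # integer: i<digits>e
            end = data.index(b"e", i)
            return int(data[i + 1:end]), end + 1
        if c == b"l":                       # list: l<item>...e
            i += 1
            items = []
            while data[i:i + 1] != b"e":
                item, i = parse(i)
                items.append(item)
            return items, i + 1
        if c == b"d":                       # dict: d<key><value>...e, keys are byte strings
            i += 1
            items = {}
            while data[i:i + 1] != b"e":
                key, i = parse(i)
                if not isinstance(key, bytes):
                    raise ValueError("dict key must be a byte string")
                items[key], i = parse(i)
            return items, i + 1
        if c.isdigit():                     # string: <len>:<bytes>, length checked against input
            colon = data.index(b":", i)
            length = int(data[i:colon])
            start = colon + 1
            if start + length > len(data):
                raise ValueError("string length exceeds input")
            return data[start:start + length], start + length
        raise ValueError(f"bad bencode token at offset {i}")

    value, end = parse(0)
    if end != len(data):
        raise ValueError("trailing data after bencoded value")
    return value


def bencode(obj) -> bytes:
    """Encode bytes / int / list / dict as bencode (used here only to build the sample torrents)."""
    if isinstance(obj, bytes):
        return str(len(obj)).encode() + b":" + obj
    if isinstance(obj, int):
        return b"i" + str(obj).encode() + b"e"
    if isinstance(obj, list):
        return b"l" + b"".join(bencode(x) for x in obj) + b"e"
    if isinstance(obj, dict):
        return b"d" + b"".join(bencode(k) + bencode(v) for k, v in sorted(obj.items())) + b"e"
    raise TypeError(f"cannot bencode {type(obj).__name__}")


def check_publisher_fields(torrent: bytes, limit: int = DEFAULT_LIMIT) -> dict:
    """Return {key: length} for every publisher field longer than `limit`; {} means nothing oversized."""
    meta = bdecode(torrent)
    if not isinstance(meta, dict):
        raise ValueError("torrent root is not a dictionary")
    oversized = {}
    for key in PUBLISHER_KEYS:
        value = meta.get(key)
        if isinstance(value, bytes) and len(value) > limit:
            oversized[key.decode()] = len(value)
    return oversized


def make_sample_torrent(publisher_url: bytes) -> bytes:
    """Build a minimal constructed single-file torrent that carries the given publisher-url."""
    info = {b"name": b"sample.bin", b"length": 4,
            b"piece length": 16384, b"pieces": b"\x00" * 20}
    return bencode({b"announce": b"http://tracker.example/announce",
                    b"info": info,
                    b"publisher": b"example",
                    b"publisher-url": publisher_url})


if __name__ == "__main__":
    benign = make_sample_torrent(b"http://publisher.example/")
    hostile = make_sample_torrent(b"http://" + b"A" * 4096)  # constructed overlong URI
    print("benign :", check_publisher_fields(benign))
    print("hostile:", check_publisher_fields(hostile))
```

Run it against real files with `check_publisher_fields(open(path, "rb").read())`; a non-empty result is a reason to quarantine the torrent before it reaches the client. The decoder deliberately rejects truncated strings and trailing bytes so that a malformed file fails the check rather than being silently accepted.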


Related Identifiers

CVE-2006-0339

Affected Products

Bitcomet
Bitcomet Client